some cases it does not happen at all). Middleware based design patterns could
make the processing of input and output a somewhat less cluttered.
-Another thing that striked us about the TestCMS code is that all functionality
-was written by the programmer theirself. Although it may make the application
+Another thing that struck us about the TestCMS code is that all functionality
+was written by the programmer him/herself. Although it may make the application
a bit slower, using a template engine (like Twig\footnote{\url{http://twig.sensiolabs.org/}})
could make the application design clearer and more secure by design. While a
-template engine is not necesarry, we think that using the new \code{MySQLi} API
+template engine is not necessary, we think that using the new \code{MySQLi} API
and in combination with prepared statements is a good change to start with.
+This would improve the security by default, as the designers of libraries
+like these usually have more security knowledge than the random programmer.
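Review bot: In the sentence added at the end of this hunk ("This would improve the security by default, ..."), "This" has no clear antecedent, because the preceding sentence mentions both the template engine and \code{MySQLi} with prepared statements; name the one that is meant, or say "Both would". The justification given is only that library designers "usually have more security knowledge than the random programmer", which does not tell the reader what actually changes in the application; consider stating what the prepared statements or the template engine do for the application's input and output handling instead, and use "the average programmer" rather than "the random programmer". Since the paragraph is being touched anyway, the unchanged context lines still contain "a somewhat less cluttered", "API and in combination with" and "a good change to start with", which could be corrected in the same commit, and "him/herself" could be written as "themselves".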